- Chat with McAfee Ready to make a purchase or have questions before you buy? Chat with a McAfee expert. Available Monday to Friday.
- Find a Reseller
- Contact Me
- Get Security Notifications Now
- Call: 1-888-847-8766
Overview
By mapping IT controls against predefined policy content, McAfee Policy Auditor helps you report consistently and accurately against key industry mandates and internal policies across your infrastructure or on specific targeted systems. Policy Auditor is an agent-based IT audit solution that leverages the Security Content Automation Protocol (SCAP) to automate the processes required for internal and external IT audits.
Streamlined deployment and management — The McAfee ePolicy Orchestrator (ePO) platform provides easy Policy Auditor deployment, and simplified reporting and compliance management.
Flexible policy formation — Within minutes, Policy Auditor allows for the creation of new policies designed by you, set by corporate governance, or from authoritative sites such as Federal Desktop Core Configuration (FDCC). Real-time audits and controls for setting the frequency of data capture deliver timely information for compliance.
Predefined templates and controls — Policy Auditor comes with predefined benchmark templates and the ability to ensure protection of the business by employing blackout windows that halt data capture during key business periods.
Features & Benefits
Streamline proof of compliance
Use prebuilt policy templates that eliminate manual effort and demonstrate adherence to key industry mandates and internal governance policies, including PCI DSS, SOX, GLBA, HIPAA, FISMA, and the best-practice frameworks ISO 27001 and COBIT. Policy Auditor includes a purpose-built PCI dashboard that delivers a consolidated view of the state of compliance by PCI requirement/control.
Receive unprecedented integration with McAfee ePO and Vulnerability Manager
Use McAfee ePolicy Orchestrator (ePO) software to lower cost of ownership by consolidating endpoint security management and compliance management, easing agent deployment, administration, and reporting. Integration with McAfee Vulnerability Manager enables organizations to consolidate agent and agentless audits.
Get the latest standards in compliance validation
Keep updated on compliance standards. Security Content Automation Protocol (SCAP) validation by the National Institute of Standards and Technology (NIST) enables agencies to comply with the Federal Desktop Core Configuration (FDCC) standard.
Customize and extend Policy Auditor IT controls checking
Create rules from any scripting language supported by the system being audited to extend the check capabilities of Policy Auditor. Sample languages include VBScript, batch files, Perl, and Python.
Prevent disruption to critical business applications with blackout window
Set the frequency of data capture to support automated reports with accurate data. To prevent disruption to critical business applications, a blackout window lets IT operations block audit data capture during key business periods.
Get Fast, automated import of industry benchmarks
Download benchmarks from authoritative sites. Within minutes, view detailed security guidance to confirm regulatory compliance or design your own internal governance policies based on security community best practices.
System Requirements
Operating Systems
- Microsoft Windows 7
- Microsoft Windows Vista
- Microsoft Windows XP Pro
- Microsoft Windows 2000 (Advanced/Professional), 2003 (Enterprise/Standard), 2008
- Microsoft Windows XP, 2003, 2008 R1
- Red Hat Enterprise Linux 3.0
- Red Hat Enterprise Linux (AS, ES, WS) 4.0, 5.0, 5.1
- MAC OS X 10.4, 10.5
- HP-UX (RISC) 11iv1, 11iv2
- AIX (Power5, Power6) 5.3 TL8 SP5, 6.1 TL2 SP0
Demos / Tutorials
McAfee Continuous Compliance
Use a single solution and achieve continuous compliance with McAfee Configuration Control.
McAfee Risk & Compliance
Learn how McAfee Risk and Compliance products scan your entire network, providing complete visibility and ensuring proper protection.
Tutorials
Customer Stories
Intelsat
Intelsat trusts McAfee to protect user and network devices globally.
Highlights
- Protected a diverse environment from internal and external threats, including the inherent risks of a fluctuating population of 250 to 500 contractors
- Managed the entire server system with 1.5 full-time employees (FTEs)
- Reduced solution cost by 75% over a la carte purchases from separate vendors
- Standardized a security environment that previously required five vendors
- Complied with regulations, including SOX, HIPAA, and Department of Defense (DoD)
James Tower
McAfee keeps James Tower secure and compliant with industry regulations.
Highlights
- Reduced time required to push out the most current security and virus patches to minutes, rather than hours or days
- Used to apply patches, updates, settings, and other security measures consistently across all systems
- Dramatically reduced audit time as well as time to build and maintain servers
- Provided fast, accurate profiling of all systems
- Facilitated decision making through a centralized, consolidated dashboard and robust reporting
Scottrade
Scottrade partners with McAfee to secure customer data.
Highlights
- Eliminated network vulnerabilities and protected customer information
- Improved monitoring and control of workstations and servers via a single management console
- Streamlined and accelerated security management and vulnerability assessment
- Simplified deployment, patches, and upgrades
- Helped Scottrade garner multiple awards for customer satisfaction and IT excellence
News / Events
News
- McAfee Named a Finalist in 15 Categories of SC Magazine 2011 Awards
November 11, 2010Topics : Email & Web Security, Risk & Compliance
Events
No results foundResources
McAfee Policy Auditor Software
For a technical summary on the McAfee product listed above, please view the product data sheet.
Solution Briefs
White Papers
Community
Forums
No results foundBlogs
- Cultural Security: Promoting Security Policies Using Organizational Culture
Steven Fox - September 06, 2011
Most of us refer to security policies in much the same way as we refer to our car manuals – when something unexpected happens. We know these documents have useful information. However, their utility is tied to situations where answers do not present themselves readily. According to Chris Noel, SVP of Product Management at ANXeBusiness, Read more... - Building an Arsenal of Best-in-Breed Database Security Solutions
Eric Schou - August 19, 2011
Visit any news site on the Web, and undoubtedly you’ll come across a barrage of articles publicizing the details of yet another data breach. With the prominence of SQL injection attacks, and malicious insiders and hackers exploiting sensitive data stored on unpatched and vulnerable databases, enterprise organizations have found themselves reevaluating their security strategies. Following Read more... - Hackers vs. Hackers: The New Frontier Of Embedded Devices
Stuart McClure - June 27, 2011
If we look at the evolution of hacking, certain techniques never go out of style, but we’re at the beginning of a big shift in terms of the targets. The threat landscape has evolved beyond PCs, tablets, and smartphones to a whole new battleground: connected devices all around us. According to Ericsson, there will be Read more... - The Consumer Experience, The Data Center And 99.9% Uptime
Evelyn de Souza - May 23, 2011
While 99.9% network and server uptime has long been an established standard in data centers, the consumer experience so often fails to live up to that, and I as I was reminded of again this weekend. Unplanned network or server changes or vulnerabilities are often the cause of website outages. And, as the website Read more... - My Recent Travels to Italy and Spain
Gert Jan Schenk - May 19, 2011
Recently I have been meeting with customers and resellers throughout Italy and Spain and it was interesting to hear that their needs from a security partner are very similar to those from the other countries I have recently visited. I have started to see strong interest in the McAfee DLP, Database Protection and Encryption technologies Read more...